/List-RDP-Connections-History

Use powershell to list the RDP Connections History of logged-in users or all users

Primary LanguagePowerShellBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

List-RDP-Connections-History

Use powershell to list the RDP Connections History of logged-in users or all users

List Logged-in Users' RDP Connections History

Enumerating the registry key values of HKEY_USERS"+$User.SID+"\Software\Microsoft\Terminal Server Client\Servers\

List All Users' RDP Connections History

Realization ideas:

  • First use "reg load" to load hive.
  • Then read the RDP Connections History from HKEY_USERS.
  • Last you need to use "reg unload" to unload hive.

Note:

The script automatically implements the above operation,there is no need for a GUI. :)

More Details:

渗透技巧——获得Windows系统的远程桌面连接历史记录